ISP flip-flops: why do they now support “six strikes” plan?

As recently as last year, major ISPs strongly opposed playing any role in …

Why did three of the nation's largest network providers—Comcast, AT&T, and Verizon—sign on to the music and movie industry's "copyright alert" system? When we posed that question to Verizon spokesman Ed McFadden, he insisted that Verizon was just being a good citizen. In fact, he sounded surprised that we were even asking the question. Why wouldn't Verizon want to help fight illegal activity on its network?

Well, here's how Verizon's fellow telecom behemoth AT&T put it in a regulatory filing last year:

While we at AT&T are willing to, and actively do, forward these notices to our customers today, we nonetheless believe that there are significant legal and policy issues associated with taking the next step of sanctioning our customers based solely on the receipt of multiple third party notices.

Private entities are not created or meant to conduct the law enforcement and judicial balancing act that would be required; they are not charged with sitting in judgment of facts; and they are not empowered to punish alleged criminals without a court order or other government sanction. Indeed, the liability implications of ISPs acting as a quasi-law-enforcement/judicial branch could be enormous. The government and the courts, not ISPs, are responsible for intellectual property enforcement, and only they can secure and balance the various property, privacy, and due process rights that are at play and often in conflict in this realm.

Verizon executive Tom Tauke expressed similar concerns in 2008 that such a process, once begun, would be a slippery slope. "Once you start going down the path of looking at the information going down the network, there are many that want you to play the role of policeman," he said. "Stop illegal gambling offshore. Stop pornography. Stop a whole array of other kinds of activities that some may think inappropriate."

ISPs have been making these principled arguments for over a decade. They used them in 1998 to persuade Congress to add a "safe harbor" to the Digital Millennium Copyright Act. For years, they stubbornly resisted calls for them to become copyright cops.

This hasn't just been an American position; ISPs like Australia's iiNet have long resisted the "pseudo 'trial and conviction' process" that results from totally private enforcement.

That stance has changed in recent years, at least among the major players—nearly all of whom now operate major content delivery networks of their own, often in the form of pay-TV systems. This week's announcement marks one of the more dramatic moves away from the basic principle that network operators don't play policeman in non-technical areas.

In our conversation, Verizon's McFadden defended the decision without reference to these once-heated arguments about ISPs/intermediary enforcement. Instead, the new system is good for Verizon's customers, he said, because it gives them "a number of different options to address this issue if their broadband connection has been used" for illegal file sharing. And he insisted that it's in Verizon's interest not to have illegal activity happening on its network.

Well, perhaps. Some users might find the "alerts" helpful, but we doubt many will appreciate the "mitigation measures" that come with them. And federal law is very clear that ISPs are not responsible for illegal activity on their networks so long as they comply with the applicable safe harbor rules. As for ISPs wanting to stop illegal online behavior... content owners have been charging for years that ISPs don't want to act because it means angering paying customers. If Verizon, AT&T, and others have been wanting to play policeman, they have had years of opportunities to do so. So what changed now?

McFadden insisted that nothing significant has changed. The new system was, he said, "in line with the approach Verizon has taken in the past." And in some important respects, he's right. One important point of continuity, which he repeatedly emphasized in our conversation, is that Verizon "will not share customer data with third parties" unless the law requires them to do so. The ISPs have also refused to do any monitoring or filtering of traffic.

Still, the new "mitigation" measures do represent a shift that could raise all sorts of legal and technical headaches for network operators. Given their existing legal protections, why tread in such shark-infested waters?

Bargaining chips

White House arm-twisting had something to do with it. As we reported on Thursday, the White House has been credited with "brokering" the deal. It's not clear what that means, but perhaps administration officials hinted that if ISPs didn't agree to a voluntary graduated response system, the administration would throw its weight behind a legislative solution.

McFadden wouldn't comment on whether White House inducements were a factor in Verizon's decision. But those meetings at the White House sound a lot like the "multi-stakeholder process" envisioned in an international report signed in Paris last month. That document explicitly contemplates using the threat of intermediary liability as a stick to get ISPs to "voluntarily" sign up for the role of copyright cop.

Another possible clue to the mystery comes from this Verizon regulatory filing from 2010. After insisting that its existing notification system (without "mitigation") was working fine (indeed, it was apparently quite effective), Verizon added that the system was "based in commercial agreements, in which Verizon benefits from the lawful distribution of content and hence has made millions of dollars of investment in the notice regime on top of the billions of dollars it has invested in its broadband networks."

It's not clear which "commercial agreements" Verizon is referring to, but it sounds like a reference to Verizon's FiOS business, which includes a pay-TV component. Today, unlike in 1998, Verizon depends on copyright holders for access to television content. Perhaps it used participation in that earlier notification program as a bargaining chip to get better terms for the content it wanted—and Thursday's announcement may have been the result of a similar deal.

But if so, the companies involved aren't interested in saying much about it.

No more presumption of innocence?

Ars talked to Wendy Seltzer, a scholar at Princeton's Center for Information Technology Policy and the head of the Chilling Effects clearinghouse, about the significance of the move. She argued that ISP regulation got things right the first time.

"I think that it's wrong for ISPs to be getting into this fight at all," she said. "They're breaching the useful separation of layers between carriage and content."

That separation is important, she added, because it preserves the presumption of innocence that is the foundation of our legal system. Users shouldn't have to explain to their ISPs what they're doing with their Internet connections, she argued—and they certainly shouldn't have to pay $35 (the appeals fee for those challenging a "mitigation" measure). Indeed, they shouldn't face any "mitigations measures" at all until their use of the network has been ruled unlawful in court, she believes.

Indeed, she pointed to higher education as a cautionary example. In an effort to stop campus file sharing, "universities have tightened up their networks in ways that make it harder for their CS and information schools to do research," she said. "Instead of creating the network as something for their students to explore, it becomes something that is to be used only in approved ways. That doesn't fit with the ideal of the Internet as an evolving technology."

Timothy B. Lee
Timothy covers tech policy for Ars, with a particular focus on patent and copyright law, privacy, free speech, and open government. His writing has appeared in Slate, Reason, Wired, and the New York Times. Emailtimothy.lee@arstechnica.com//Twitter@binarybits